Coincidence? Win 10 saying bit locker security has changed and won't boot

Associate
Joined
14 May 2009
Posts
2,450
So we all know 14th was the last day of Windows 10 support. Turned my Microsoft Surface Pro 3 about an hour ago to be greeted with a blue screen and a message along the lines of Secure Boot policy has unexpectedly changed and bitlocker needs unlocking. Looked in my password database but I have no record of a bitlocker key. After a bit of Googling I found there's a way to get this online from your Microsoft account, if the PC in question uses the same Microsoft Account. It did so I'm up and running again.

What caused this? Well, even though support finished on 14th the Surface Pro did 2 updates yesterday (17th)! KB5066791 and KB5066747

If you don't know your bitlocker keys you can run the following command from a privileged Command Prompt. manage-bde -protectors C: -get
 
What caused this? Well, even though support finished on 14th the Surface Pro did 2 updates yesterday (17th)! KB5066791 and KB5066747
Does the device do automatic firmware updates? Edit: one of those KBs updated secure boot.
 
Last edited:
Possibly. I've had the device since new and never had this issue until today. The Surface is a Microsoft Device and, strangely, Windows updates are controlled by Microsoft. Microsoft want me to upgrade and throw away a machine that still functions just fine? As I said coincidence?
 
Possibly. I've had the device since new and never had this issue until today. The Surface is a Microsoft Device and, strangely, Windows updates are controlled by Microsoft. Microsoft want me to upgrade and throw away a machine that still functions just fine? As I said coincidence?
It might be because of the KB that updated the secure boot certificates, if they mess with the TPM/secure boot, there's always a possibility that it will cause a reset of the keys. A BIOS/firmware update can do the same thing and I'm not sure how those new certificates are delivered.
 
Back
Top Bottom